[kmf-discuss] GNOME keyring as a KMF keystore
Wyllys Ingersoll
wyllys.ingersoll at sun.com
Tue Mar 27 09:25:13 PDT 2007
Darren J Moffat wrote:
> I wonder if it would be useful to have the GNOME keyring as a KMF key
> store.
>
Not sure how useful it would be. I don't even know how many
gnome apps actually use the gnome keyring API.
The gnome-keystore API doesn't really provide the same level
of support that the current KMF keystore APIs have such as
the ability to generate public/private keypairs and
ability to do operations with private keys from the store
without exposing the key itself.
The reverse might be more interesting - change gnome-keyring
to use KMF APIs to store keys in one of our supported keystores
instead of in their own proprietary one. Configuration parameters
(or command line options) could dictate which store to use,
the default might be to use flat files (OpenSSL), but we could
make it possible to direct it to store keys on a token or even
NSS DB instead by going thru KMF.
-Wyllys
More information about the kmf-discuss
mailing list